As you, my dear readers know, I sometimes like to point at really, really stupid things that I see in our domain. Here is one: "Vista will force need for network forensics."
This security VP from CA (you can start laughing now, but please wait for a punchline) claims that "Encryption by default means that without user credentials it will no longer be possible to investigate user behaviour at a disk level." thus "The result? Network forensics is rapidly becoming the next big thing in IT security."
So, who can name more reasons why this pathetic attempt to sell "CA Network Forensics" product is laughable?
Here is one reason to rule them all: network encryption is here NOW, disk encryption is coming in the FUTURE. Thus, if disk encryption will break disk forensics, than network forensics is broken already...
BTW, looking at logs for forensics will always be useful - but that is another story altogether :-)
No comments:
Post a Comment